From b966c3d3126dc174c2e3a632614b5f42bb40dccc Mon Sep 17 00:00:00 2001 From: Asaf Shen Date: Mon, 13 Jan 2025 17:21:49 +0200 Subject: [PATCH 1/5] fix: handle close timeouts --- packages/sdks/web-js-sdk/src/constants.ts | 3 +++ .../web-js-sdk/src/enhancers/withAutoRefresh/index.ts | 11 ++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/packages/sdks/web-js-sdk/src/constants.ts b/packages/sdks/web-js-sdk/src/constants.ts index 697f17860..1fc110e7b 100644 --- a/packages/sdks/web-js-sdk/src/constants.ts +++ b/packages/sdks/web-js-sdk/src/constants.ts @@ -4,3 +4,6 @@ export const IS_BROWSER = typeof window !== 'undefined'; // Maximum timeout value for setTimeout // For more information, refer to https://developer.mozilla.org/en-US/docs/Web/API/setTimeout#maximum_delay_value export const MAX_TIMEOUT = Math.pow(2, 31) - 1; + +// The amount of time (ms) to trigger the refresh before session expires +export const REFRESH_THRESHOLD = 20 * 1000; // 20 sec diff --git a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts index e284af6ee..75d0fe4c0 100644 --- a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts +++ b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts @@ -6,10 +6,11 @@ import { createTimerFunctions, getTokenExpiration, getAutoRefreshTimeout, + millisecondsUntilDate, } from './helpers'; import { AutoRefreshOptions } from './types'; import logger from '../helpers/logger'; -import { IS_BROWSER } from '../../constants'; +import { IS_BROWSER, REFRESH_THRESHOLD } from '../../constants'; import { getRefreshToken } from '../withPersistTokens/helpers'; /** @@ -34,6 +35,7 @@ export const withAutoRefresh = // tab becomes visible and the session is expired, do a refresh if ( document.visibilityState === 'visible' && + millisecondsUntilDate(sessionExpiration) > REFRESH_THRESHOLD && new Date() > sessionExpiration ) { logger.debug('Expiration time passed, refreshing session'); @@ -63,6 +65,13 @@ export const withAutoRefresh = clearAllTimers(); + if (timeout <= REFRESH_THRESHOLD) { + logger.debug( + 'Session is too close to expiration, not setting refresh timer', + ); + return; + } + const refreshTimeStr = new Date( Date.now() + timeout, ).toLocaleTimeString('en-US', { hour12: false }); From b22040ed7585a51e029bef7a1c9110db7116f011 Mon Sep 17 00:00:00 2001 From: Asaf Shen Date: Mon, 13 Jan 2025 17:26:20 +0200 Subject: [PATCH 2/5] fix: handle close timeouts --- packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts index 75d0fe4c0..5518d4fb1 100644 --- a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts +++ b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts @@ -35,7 +35,6 @@ export const withAutoRefresh = // tab becomes visible and the session is expired, do a refresh if ( document.visibilityState === 'visible' && - millisecondsUntilDate(sessionExpiration) > REFRESH_THRESHOLD && new Date() > sessionExpiration ) { logger.debug('Expiration time passed, refreshing session'); From d520d82f7d2ce9b040bd4b223cb1cef3f4ca4e97 Mon Sep 17 00:00:00 2001 From: Asaf Shen Date: Mon, 13 Jan 2025 17:26:37 +0200 Subject: [PATCH 3/5] fix: handle close timeouts --- packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts index 5518d4fb1..8759ed5d2 100644 --- a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts +++ b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts @@ -6,7 +6,6 @@ import { createTimerFunctions, getTokenExpiration, getAutoRefreshTimeout, - millisecondsUntilDate, } from './helpers'; import { AutoRefreshOptions } from './types'; import logger from '../helpers/logger'; From 926ee7e73bd70ccfd072e5fb5f3d98efaf6fad9d Mon Sep 17 00:00:00 2001 From: Asaf Shen Date: Mon, 13 Jan 2025 17:28:34 +0200 Subject: [PATCH 4/5] fix: handle close timeouts --- packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts index 8759ed5d2..6dfe6a747 100644 --- a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts +++ b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/index.ts @@ -34,6 +34,7 @@ export const withAutoRefresh = // tab becomes visible and the session is expired, do a refresh if ( document.visibilityState === 'visible' && + sessionExpiration && new Date() > sessionExpiration ) { logger.debug('Expiration time passed, refreshing session'); @@ -51,6 +52,7 @@ export const withAutoRefresh = // if we got 401 we want to cancel all timers if (res?.status === 401) { logger.debug('Received 401, canceling all timers'); + sessionExpiration = null; clearAllTimers(); } else if (sessionJwt) { sessionExpiration = getTokenExpiration(sessionJwt); From 25783e9d0a1c5db79c5fc74817201fe070301d9c Mon Sep 17 00:00:00 2001 From: Asaf Shen Date: Mon, 13 Jan 2025 17:32:56 +0200 Subject: [PATCH 5/5] fix: handle close timeouts --- .../sdks/web-js-sdk/src/enhancers/withAutoRefresh/helpers.ts | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/helpers.ts b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/helpers.ts index 93d7e0b7f..0908480e5 100644 --- a/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/helpers.ts +++ b/packages/sdks/web-js-sdk/src/enhancers/withAutoRefresh/helpers.ts @@ -1,9 +1,6 @@ import { jwtDecode, JwtPayload } from 'jwt-decode'; import logger from '../helpers/logger'; -import { MAX_TIMEOUT } from '../../constants'; - -// The amount of time (ms) to trigger the refresh before session expires -const REFRESH_THRESHOLD = 20 * 1000; // 20 sec +import { MAX_TIMEOUT, REFRESH_THRESHOLD } from '../../constants'; /** * Get the JWT expiration WITHOUT VALIDATING the JWT